Merge branch 'zsv-ldap-3' into 'feature-zsv-5.0.0-vm-support-vtpm-and-secuceboot'

gitlab · gitlab · commit bc124491e7c9 · 2026-04-07T13:00:08.000Z
&lt;fix&gt;[kvm]: remove TPM from VM individually instead of batch delete

See merge request zstackio/zstack!9550
diff --git a/plugin/kvm/src/main/java/org/zstack/kvm/tpm/KvmTpmManager.java b/plugin/kvm/src/main/java/org/zstack/kvm/tpm/KvmTpmManager.java
@@ -305,6 +305,10 @@ public String getName() {
     static class RemoveTpmFromVmContext {
         String vmInstanceUuid;
         String tpmUuid;
+
+        // enable when TPM delete/VM delete ...
+        boolean force;
+
         List<VmHostFileVO> hostFiles;
 
         static RemoveTpmFromVmContext valueOf(RemoveTpmMsg msg) {
@@ -318,6 +322,7 @@ static RemoveTpmFromVmContext valueOf(RemoveTpmMsg msg) {
     private void removeTpmFromVm(RemoveTpmFromVmContext context, Completion completion) {
         SimpleFlowChain.of("remove-tpm-from-vm-" + context.vmInstanceUuid)
             .then(Flow.of("check-vm-status")
+                .skipIf(data -> context.force)
                 .handle(trigger -> {
                     VmInstanceVO vm = Q.New(VmInstanceVO.class)
                             .eq(VmInstanceVO_.uuid, context.vmInstanceUuid)
@@ -457,10 +462,31 @@ public void rollback(FlowRollback trigger, Map data) {
                     trigger.rollback();
                     return;
                 }
-                SQL.New(TpmVO.class)
-                        .in(TpmVO_.uuid, transform(reply.getInventories(), TpmInventory::getUuid))
-                        .delete();
-                trigger.rollback();
+
+                new While<>(reply.getInventories()).each((tpm, whileCompletion) -> {
+                    RemoveTpmFromVmContext removeContext = new RemoveTpmFromVmContext();
+                    removeContext.vmInstanceUuid = tpm.getVmInstanceUuid();
+                    removeContext.tpmUuid = tpm.getUuid();
+                    removeContext.force = true;
+                    removeTpmFromVm(removeContext, new Completion(whileCompletion) {
+                        @Override
+                        public void success() {
+                            whileCompletion.done();
+                        }
+
+                        @Override
+                        public void fail(ErrorCode errorCode) {
+                            logger.warn(String.format("failed to delete tpm for VM[%s] but still continue: %s",
+                                    tpm.getVmInstanceUuid(), errorCode.getReadableDetails()));
+                            whileCompletion.done();
+                        }
+                    });
+                }).run(new WhileDoneCompletion(trigger) {
+                    @Override
+                    public void done(ErrorCodeList errorCodeList) {
+                        trigger.rollback();
+                    }
+                });
             }
         }).then(new NoRollbackFlow() {
             String __name__ = "clone-encrypted-resource-key-if-needed";
